Securing Web Applications - Using Intercepting Proxies for Fun & Profit
In the age of web-based applications, ensuring client-server apps are configured securely is of paramount concern. With intercepting proxy tools you can easily understand how a web application works and start manually testing it. They allow its operator to act as a man-in-the-middle between a browser and the target application.
This session will briefly discuss when in the Secure Software Development Lifecycle 'dynamic analysis' security tools should be used and primarily teach how intercepting proxies can be used to improve security of these types of applications. The use of the 'Burp Suite Pro' intercepting proxy to identify security problems with web applications will be demonstrated.blog comments powered by Disqus